Software: Apache/2.2.3 (CentOS). PHP/5.1.6
uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
uid=48(apache) gid=48(apache) groups=48(apache)
Safe-mode: OFF (not secure)
/var/www/html/manage/director/ drwxr-xr-x
Viewing file:

<?php
header('Content-type: application/xls');
header('Content-Disposition: attachment; filename="ReportPlaning.xls"');
require_once( "../include/FunctionDB.php" );
//require_once( "../include/Function.php" );
ConnectDB();

// The original used $Budget_Year and $MoneyId without defining them (register_globals)
// and interpolated them into SQL unescaped. Assumption: both arrive as GET parameters.
$Budget_Year = isset($_GET['Budget_Year']) ? $_GET['Budget_Year'] : '';
$MoneyId     = isset($_GET['MoneyId']) ? $_GET['MoneyId'] : '';
$sqlBudgetYear = mysql_real_escape_string($Budget_Year);
$sqlMoneyId    = mysql_real_escape_string($MoneyId);

// Projects for the selected budget year and money category
$strSQL = " SELECT * FROM project_tb WHERE Budget_Year='$sqlBudgetYear' AND MoneyId='$sqlMoneyId' ORDER BY Orderlist , Date ASC ";
$result = mysql_query($strSQL);
$num = mysql_num_rows($result );
?>
<meta http-equiv="Content-Type" content="text/html; charset=TIS-620">
<table width="809" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="832"><fieldset>
<form id="form" name="form" method="get" action="">
<table width="100%" border="0" align="center" cellpadding="0" cellspacing="0" style="background-color:#eeeeee; border:0px solid gray">
  <tr bgcolor="#CCCCFF">
    <td height="25" colspan="7" align="center" valign="middle" bgcolor="#CCCCFF"><strong>รายละเอียดการใช้เงินตามแผนดำเนินการประจำปีงบประมาณ <? echo htmlspecialchars($Budget_Year) ?></strong></td>
  </tr>
  <tr bgcolor="#E6E6E6">
    <td height="10" colspan="7" align="center" bgcolor="#FFFFFF"></td>
  </tr>
  <tr bgcolor="#E6E6E6">
    <td width="26" height="22" align="center" bgcolor="#FFFFFF"><strong>No</strong></td>
    <td align="center" bgcolor="#FFFFFF"> </td>
    <td colspan="2" align="left" bgcolor="#FFFFFF"><strong>หมวดเงิน
    <?php
    // Name of the selected money category
    $sql = " SELECT * FROM money_tb WHERE MoneyId='$sqlMoneyId' ";
    $result1 = mysql_query($sql);
    $rs1 = mysql_fetch_array($result1);
    echo $rs1['MoneyName'];
    ?></strong></td>
    <td width="115" align="left" bgcolor="#FFFFFF"><strong>หน่วยงาน</strong></td>
    <td width="91" align="right" bgcolor="#FFFFFF"><strong>วันที่ดำเนินการ</strong></td>
    <td width="76" align="right" bgcolor="#FFFFFF"><strong>จำนวนเงิน</strong></td>
  </tr>
  <?php
  $i = 1;
  $bgColor = "";
  $sqlFacultyCode = ""; // stays empty if the query returned no rows
  while( $row = mysql_fetch_array($result) ) {
      // Alternate the row background colour
      $bgColor = ( $bgColor == "#FFFFFF" ) ? "#F9FBFB" : "#FFFFFF";
  ?>
  <tr bgcolor="<?=$bgColor;?>" >
    <td align="center" valign="top"><font color="#0033CC" face="Tahoma"><?=$i;?></font></td>
    <td width="23" align="center" valign="top"><?=$row["Orderlist"]?></td>
    <td colspan="2" align="left" valign="top" bordercolor="#EEEEEE"><?=$row["Training_name"]?></td>
    <td bordercolor="#EEEEEE"><font color="#0033CC" size="2" face="Tahoma">
    <?php
    $Faculty_code = $row["Faculty_code"];
    // Value comes from the database; it is still escaped before reuse in SQL
    $sqlFacultyCode = mysql_real_escape_string($Faculty_code);
    $sql = " SELECT * FROM faculty_tb WHERE Faculty_code='$sqlFacultyCode' ";
    $result2 = mysql_query($sql) or die("Error".mysql_error());
    $rs2 = mysql_fetch_array($result2);
    echo $rs2['Faculty_name'];
    ?></font></td>
    <td bordercolor="#EEEEEE" align="right" style="padding-right:10px"><font color="#003366" size="2" face="Tahoma"><? echo $row['Date'];?></font></td>
    <td><div align="right"><font color="#993333" size="2" face="Tahoma"><? echo number_format($row['Budget_use'],2,'.',','); ?> </font></div></td>
  </tr>
  <?php
      $i++;
  }
  ?>
  <tr bgcolor="#FFFFFF">
    <td height="15" colspan="7" align="center" ></td>
  </tr>
  <tr bgcolor="#FFFFFF">
    <td colspan="6" align="right" ><font color="#993333" face="Tahoma">จำนวนเงินที่ใช้</font></td>
    <td align="right" ><strong><font color="#993333" size="2" face="Tahoma">
    <?php
    // Amount used; as in the original, this uses the Faculty_code of the last row listed above
    $sql1 = " SELECT SUM(Budget_use) AS SumB1 FROM project_tb WHERE Budget_Year='$sqlBudgetYear' AND Faculty_code='$sqlFacultyCode' AND MoneyId='$sqlMoneyId' ";
    $result1 = mysql_query($sql1) or die("Erro".mysql_error());
    $rss1 = mysql_fetch_array($result1);
    echo number_format($rss1['SumB1'],2,'.',',');
    ?> </font></strong></td>
  </tr>
  <tr bgcolor="#FFFFFF">
    <td colspan="6" align="right" ><font color="#0033CC" face="Tahoma"><font color="#993333">วงเงินที่ตั้งไว้ตามแผน</font></font></td>
    <td align="center" ><div align="right"><strong><font color="#993333" size="2" face="Tahoma">
    <?php
    // Planned budget for the same year and faculty
    $sql2 = " SELECT SUM(Budget_use) AS SumB2 FROM project_type_tb WHERE Budget_Year='$sqlBudgetYear' AND Faculty_code='$sqlFacultyCode' ";
    $result2 = mysql_query($sql2) or die("Erro".mysql_error());
    $rss2 = mysql_fetch_array($result2);
    echo number_format($rss2['SumB2'],2,'.',',');
    ?> </font></strong></div></td>
  </tr>
  <tr bgcolor="#FFFFFF">
    <td colspan="6" align="right" ><font color="#0033CC" face="Tahoma"><font color="#993333">คงเหลือเงินตามแผน</font></font></td>
    <td align="center" ><div align="right"><strong><font color="#993333" size="2" face="Tahoma">
    <?php
    // Remaining budget = planned minus used (array keys quoted; the original used bare constants)
    $Delete3 = $rss2['SumB2'] - $rss1['SumB1'] ;
    echo number_format($Delete3,2,'.',',');
    ?> </font></strong></div></td>
  </tr>
  <tr bgcolor="#CCCCFF">
    <td height="15" colspan="7" align="center" bgcolor="#FFFFFF"></td>
  </tr>
  <tr bgcolor="#CCCCFF">
    <td height="22" colspan="7" align="center" bgcolor="#FFFFFF"><strong>ทั้งหมด <font color="#FF0000" size="2" face="Tahoma"><? echo $num; ?></font> รายการ</strong></td>
  </tr>
  <tr bgcolor="#CCCCFF">
    <td height="10" colspan="7" align="center" bgcolor="#FFFFFF" ></td>
  </tr>
</table>
</form>
</fieldset>
</td>
</tr>
</table>
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0057 ]--